Logstash input UDP netflow codec - BUG?

pierre1 · September 1, 2017, 8:04am

i think there is a bug with UDP / netflow :
my conf :

input {
udp {
port => 9556
codec => netflow {
versions => [5, 9]
target => "nf"
}
type => "netflow"
}
}

In all case i receive the flow
first :

when my elk server can’t communicate with my network equipment but i can
see the netflow in it network interface with tcpdump, i have no data
processed
second case :
when my elk server can communicate with my network equipment and i
can see the netflow in it network interface with tcpdump, i have data
processed
it does not mean anything, with UDP there is not communication as in TCP

system · September 29, 2017, 8:04am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Probleme input UDP , no index, no DATA Logstash	2	562	April 28, 2017
Input UDP/ netflow no listenning Logstash	2	769	April 19, 2017
UDP netflow packets arrive, netflow does not process them Logstash	6	1577	April 3, 2019
[Solved] Netflow input in Logstash Logstash	2	827	July 6, 2017
Can't parse netflow by logstash codec Logstash	1	1081	March 12, 2018

Logstash input UDP netflow codec - BUG?

Related topics